Book Image

Security-Driven Software Development

By : Aspen Olmsted
Book Image

Security-Driven Software Development

By: Aspen Olmsted

Overview of this book

Extend your software development skills to integrate security into every aspect of your projects. Perfect for any programmer or developer working on mission-critical applications, this hands-on guide helps you adopt secure software development practices. Explore core concepts like security specifi cation, modeling, and threat mitigation with the iterative approach of this book that allows you to trace security requirements through each phase of software development. You won’t stop at the basics; you’ll delve into multiple-layer att acks and develop the mindset to prevent them. Through an example application project involving an entertainment ticketing software system, you’ll look at high-profi le security incidents that have aff ected popular music stars and performers. Drawing from the author’s decades of experience building secure applications in this domain, this book off ers comprehensive techniques where problem-solving meets practicality for secure development. By the end of this book, you’ll have gained the expertise to systematically secure software projects, from crafting robust security specifi cations to adeptly mitigating multifaceted threats, ensuring your applications stand resilient in the face of evolving cybersecurity challenges.
Table of Contents (20 chapters)
Free Chapter
1
Part 1: Modeling a Secure Application
8
Part 2: Mitigating Risks in Implementation
13
Part 3: Security Validation

Mocks

In software integration testing, mocks are objects or components that simulate the behavior of natural system components or dependencies. The purpose of mocks is to isolate the component being tested from its dependencies, allowing the testing focus to be on the component’s functionality in isolation. Mocks help create controlled environments for integration testing, and they are instrumental when testing components that interact with external systems, databases, or services.

Here are some key concepts related to the use of mocks in software integration testing:

  • Mock objects: A mock object is a simulated object that mimics the behavior of a real object or component. It is designed to respond to method calls or requests in a predefined manner. During integration testing, mock objects, such as external services or databases, replace actual dependencies. They ensure that the component under test interacts correctly with its dependencies.
  • Purpose of mocks in...